CVE-2025-65640 in Globe Document Intelligenceinformation

Résumé

par MITRE • 04/06/2026

Cross Site Scripting (XSS) vulnerability in the "Task in Progress / Recent" page in Arket Globe Document Intelligence 5.0.0.559 due to improper sanitization of user input in text fields when creating a new document. Specifically, when an authenticated attacker submits data containing JavaScript code within these fields, the application fails to properly sanitize or escape the content. As a result, the injected script is executed when the page is rendered, allowing the attacker to execute arbitrary JavaScript in the context of other users' browsers who view the affected page.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

MITRE

Réserver

18/11/2025

Divulgation

04/06/2026

Modérer

accepté

Entrée

VDB-368406

CPE

prêt

CWE

CWE-79 (confirmé)

CVSS

6.3 (CISA-ADP)

EPSS

0.00000

KEV

non

Activités

faible

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-65640
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-65640
CVE Details	https://www.cvedetails.com/cve/CVE-2025-65640/

◂ Précédent Aperçu Suivant ▸

Want to know what is going to be exploited?

We predict KEV entries!